AWS EC2 with Jenkins and SonarQube [Dynamic block used]
This project automates the creation of AWS resources using Terraform, focusing on EC2 instances. Jenkins and SonarQube are incorporated for continuous integration and code quality checks in a DevOps workflow.

Prerequisites:
The following must be available on your local machine. To install them, follow the official documentation of each tool.
Terraform, VS Code, AWS CLI, AWS account
Install Terraform
You have to install Terraform on your local machine. You can download it from the official Terraform website (https://www.terraform.io/downloads.html) and follow the installation instructions for your operating system.
Next, create a user on AWS and, after creating the user, generate the Access Key and Secret Access Key used to connect Terraform to AWS.
After creating the user, grant it permissions: either the permissions needed for creating and managing the Terraform resources, or AWS Administrator access.
Create a user on AWS




Configure AWS Credentials:
aws configure

provider.tf
The provider.tf file is used to define the provider configuration. A Terraform provider is responsible for managing the lifecycle of a particular type of infrastructure, such as AWS, Azure, Google Cloud, etc. It specifies the details of the cloud provider you are using and any necessary authentication or configuration parameters.

```
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0"
    }
  }
}

# Configure the AWS Provider
provider "aws" {
  region = "us-east-2"
}
```
main.tf
The main.tf file is typically the main entry point for your Terraform configuration. It contains the resource definitions and configurations necessary for your infrastructure. In the context of provisioning AWS EKS with Terraform, it would include the definition of your EKS cluster, associated networking resources, and any other dependencies.
```
# Create an EC2 instance for installing Jenkins & SonarQube on that server
resource "aws_instance" "web" {
  ami                    = "ami-0e83be366243f524a"
  instance_type          = "t2.large"
  key_name               = "Ohio-pem"
  vpc_security_group_ids = [aws_security_group.jenkins-sg.id]

  tags = {
    Name = "Jenkins & Sonarqube server"
  }

  root_block_device {
    volume_size = 30
  }
}

# Create the security group
resource "aws_security_group" "jenkins-sg" {
  name        = "jenkins-sg"
  description = "Allow TLS inbound traffic"

  ingress {
    description = "SSh"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "https"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "http"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "Jenkins"
    from_port   = 8080
    to_port     = 8080
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "Sonaarqube"
    from_port   = 9000
    to_port     = 9000
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "jenkins-sg"
  }
}
```
terraform init
terraform init
Run the command in your Terraform project directory to initialize the project. This downloads the necessary provider plugins and sets up the working directory.

.terraform.lock.hcl file:
The .terraform.lock.hcl file is related to Terraform modules and is used to pin module versions. It's created automatically when you use the terraform init command to initialize a Terraform configuration that uses modules.

terraform validate
terraform validate
The terraform validate command checks the syntax and structure of your Terraform configuration files. It ensures that your configurations are correctly written and that all the necessary providers and modules are available.

terraform plan
terraform plan
The terraform plan command is used to create an execution plan. It provides a preview of the changes that Terraform will make to your infrastructure based on your configuration. This is a critical step before actually applying any changes to your infrastructure.

terraform apply
terraform apply
Apply the Terraform configuration to create the AWS resources. This step might take some time as it provisions the EKS cluster, associated networking resources, and other dependencies.





Output - the EC2 instance running

terraform destroy
terraform destroy
This command destroys all the resources that were created by Terraform.


After the destroy command, the server will be terminated.

Edit the main.tf file to use a dynamic block
Dynamic blocks provide a way to generate repeated configurations dynamically within a resource block. They allow you to handle situations where you need to create multiple copies of a nested block with varying configurations.
Here, the old main.tf file repeats the ingress configuration once per port, which is why we use a dynamic block.


main.tf -- using Dynamic Block
```
# Create an EC2 instance for installing Jenkins & SonarQube on that server
resource "aws_instance" "web" {
  ami                    = "ami-0e83be366243f524a"
  instance_type          = "t2.large"
  key_name               = "Ohio-pem"
  vpc_security_group_ids = [aws_security_group.jenkins-sg.id]
  # Run install.sh on first boot
  user_data              = templatefile("./install.sh", {})

  tags = {
    Name = "Jenkins & Sonarqube server"
  }

  root_block_device {
    volume_size = 30
  }
}

# Create the security group
resource "aws_security_group" "jenkins-sg" {
  name        = "jenkins-sg"
  description = "Allow TLS inbound traffic"

  # One ingress rule is generated per port in the list.
  # In this list form every attribute of the ingress object must be set.
  ingress = [
    for port in [80, 8080, 443, 22, 9000] : {
      description      = "inbound rules"
      from_port        = port
      to_port          = port
      protocol         = "tcp"
      cidr_blocks      = ["0.0.0.0/0"]
      ipv6_cidr_blocks = []
      prefix_list_ids  = []
      security_groups  = []
      self             = false
    }
  ]

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "jenkins-sg"
  }
}
```
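The listing above generates the rules by assigning a `for` expression to the `ingress` argument. The same security group written with a literal `dynamic "ingress"` block is shown here as an added example, not part of the original project; it also scopes SSH, Jenkins and SonarQube to an admin network instead of 0.0.0.0/0. The names `admin_cidr` and `ingress_rules` and the 203.0.113.0/24 range are assumptions made for illustration.

```hcl
# Added example. Assumed names: var.admin_cidr, local.ingress_rules.
# Drop-in replacement for the aws_security_group resource in main.tf.
variable "admin_cidr" {
  description = "Network allowed to reach SSH, Jenkins and SonarQube"
  type        = string
  default     = "203.0.113.0/24" # constructed placeholder, set your own range

  validation {
    condition     = can(cidrhost(var.admin_cidr, 0)) && var.admin_cidr != "0.0.0.0/0"
    error_message = "admin_cidr must be a valid CIDR other than 0.0.0.0/0."
  }
}

locals {
  # One element per ingress rule: port, label and who may connect.
  ingress_rules = [
    { port = 22, description = "SSH", cidr_blocks = [var.admin_cidr] },
    { port = 80, description = "HTTP", cidr_blocks = ["0.0.0.0/0"] },
    { port = 443, description = "HTTPS", cidr_blocks = ["0.0.0.0/0"] },
    { port = 8080, description = "Jenkins", cidr_blocks = [var.admin_cidr] },
    { port = 9000, description = "SonarQube", cidr_blocks = [var.admin_cidr] },
  ]
}

resource "aws_security_group" "jenkins-sg" {
  name        = "jenkins-sg"
  description = "Allow TLS inbound traffic"

  # Terraform emits one ingress block per element of local.ingress_rules.
  dynamic "ingress" {
    for_each = local.ingress_rules
    content {
      description = ingress.value.description
      from_port   = ingress.value.port
      to_port     = ingress.value.port
      protocol    = "tcp"
      cidr_blocks = ingress.value.cidr_blocks
    }
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = { Name = "jenkins-sg" }
}
```

Set your own range at plan or apply time with `-var="admin_cidr=<your CIDR>"`; `terraform plan` then lists each generated ingress rule with its own description and source range.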
install.sh
install.sh is a script file that automates the installation process for the Terraform-created server.
This file is used to run the installation of Jenkins, Docker and SonarQube.

Script of install.sh
```
#!/bin/bash
# Install the Java runtime (required by Jenkins)
sudo apt update
sudo apt install -y fontconfig openjdk-17-jre
java -version
# Example output of java -version:
# openjdk version "17.0.8" 2023-07-18
# OpenJDK Runtime Environment (build 17.0.8+7-Debian-1deb12u1)
# OpenJDK 64-Bit Server VM (build 17.0.8+7-Debian-1deb12u1, mixed mode, sharing)

# Install Jenkins from its signed apt repository
sudo apt update -y
sudo wget -O /usr/share/keyrings/jenkins-keyring.asc \
  https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key
echo deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] \
  https://pkg.jenkins.io/debian-stable binary/ | sudo tee \
  /etc/apt/sources.list.d/jenkins.list > /dev/null
sudo apt-get update -y
sudo apt-get install -y jenkins

# Install Docker
sudo apt-get update
sudo apt-get install docker.io -y
sudo usermod -aG docker ubuntu
# newgrp docker is left out: it opens a new shell and does not change the
# group of this script; the ubuntu user gets the docker group at next login.
# Give Jenkins access to Docker through group membership instead of
# chmod 777 on /var/run/docker.sock, which would let every local user
# control the Docker daemon.
sudo usermod -aG docker jenkins
sudo systemctl restart jenkins

# Run SonarQube in a container
docker run -d --name sonar -p 9000:9000 sonarqube:lts-community

# Install Trivy from its signed apt repository
sudo apt-get install wget apt-transport-https gnupg lsb-release -y
wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | gpg --dearmor | sudo tee /usr/share/keyrings/trivy.gpg > /dev/null
echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main" | sudo tee -a /etc/apt/sources.list.d/trivy.list
sudo apt-get update
sudo apt-get install trivy -y
```
terraform validate
terraform validate

terraform plan
terraform plan

terraform apply
terraform apply





EC2 instance Running

Docker & SonarQube running


SonarQube Console

Jenkins Interface

terraform destroy
terraform destroy
This command destroys all the resources that were created by Terraform.


